/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright (c) 2013-2014 sagyf Yang. The Four Group.
 */

package app.controllers.merchant;

import app.models.sys.AuthUsers;
import com.github.sog.config.StringPool;
import com.github.sog.controller.BasicController;
import com.github.sog.controller.security.SecurityKit;
import com.github.sog.kit.date.DateProvider;
import com.github.sog.kit.servlet.RequestKit;
import com.google.common.base.Strings;
import com.jfinal.aop.Before;
import com.jfinal.ext.interceptor.Restful;
import org.apache.commons.lang3.StringUtils;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.http.HttpServletRequest;

/**
 * <p>
 * .
 * </p>
 *
 * @author sagyf yang
 * @version 1.0 2014-05-25 10:47
 * @since JDK 1.6
 */
@Before(Restful.class)
public class LoginController extends BasicController {

    private static final Logger logger = LoggerFactory.getLogger(LoginController.class);

    /**
     * The index route.
     */
    public void index() {
        if (SecurityKit.isLogin(getRequest())) {
            redirect("/merchant/main");
            return;
        } else {
            int mask = getParaToInt("error", 0);
            String name = getPara("name", StringPool.EMPTY);
            setAttr("name", name);
            if (mask > 0) {
                setAttr("error", (mask == 2) ? "用户名或者密码错误!" : (mask == 3 ? "非法用户身份登录" : "请输入登录账号和登录密码"));
            }
        }

        render("index.ftl");
    }


    public void save() {
        String password = getPara(FormAuthenticationFilter.DEFAULT_PASSWORD_PARAM);
        String username = getPara(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM);
        if (Strings.isNullOrEmpty(username) || Strings.isNullOrEmpty(password)) {
            redirect("/merchant/login?error=1&name=" + username);
            return;
        }
        AuthUsers users = AuthUsers.dao.findByName(username);
        if (users == null) {
            logger.error("用户名或者密码错误！");
            redirect("/merchant/login?error=2&name=" + username);
            return;
        }
        final String role = users.getStr("role");
        if (!StringUtils.startsWith(role, "merchant")) {
            logger.error("非商户人员登录商户系统！");
            redirect("/merchant/login?error=3&name=" + username);
            return;
        }
        final HttpServletRequest request = getRequest();
        boolean success = SecurityKit.login(users, password, false, request, getResponse());
        if (success) {
            // login success.
            users.set("last_login_time", DateProvider.DEFAULT.getCurrentDate());
            users.set("last_login_ip", RequestKit.getRemoteAddr(request));
            users.update();
            redirect(StringPool.SLASH + role.replace(StringPool.DASH, StringPool.SLASH));
        } else {

            logger.error("用户名或者密码错误！");
            redirect("/merchant/login?error=2&name=" + username);
        }
    }
}